As a result of shutdowns throughout the country and the rest of the world, remote work surged in 2020. And while many companies have returned to the office, other organizations have elected to shift towards flex models or completely remote environments. Even before the beginning of the COVID-19 pandemic, remote work was a rapidly growing trend. In fact, according to Global Workplace Analytics’ analysis of 2019 American Community Service (ACS) data, a total of 5.7 million employees (or 4.1% of the country’s workforce) work from home at least half of the time.
With so many people worldwide working in a remote setting—and the growing focus on having legally-valid electronic transactions—forward looking organizations are placing great emphasis on their remote secure document signing solution is as important as ever. Digital document signing has soared in popularity in recent years, filling a critical need for institutions all around the globe. According to Fortune Business Insights, the global digital signature market reached 1.10 billion USD in 2019, and by 2027 that number is projected to skyrocket to 7.99 billion. This is not surprising given that digital signing saves time and money while making it easier to create legally binding documents in an instant whether someone is using a laptop, phone, or tablet, whether someone wants to quickly onboard a new employee or close on a new business deal.
With such a strong need for legally-valid, remotely-signed documents, it is critical to have trusted solutions that allow companies and institutions alike to meet regulatory demands. Using remote signature solutions allows users to promptly verify both the identity of a signer and the integrity of a document—a far faster solution than in-person signatures. At the same time, a remote signature solution is a more effective option than scanned “wet” signatures, which anyone can alter and do not provide the same legal assurances.
Those who are using digital document signing want a resource they can trust—and the more security the better. To help meet this need, it is important that digital signatures use Public Key Infrastructure (PKI) digital certificates to assert a signer’s verified identity while securing a document simultaneously. It should be highlighted that a digital signature can only be encrypted by someone with a copy of the public key. This means that a recipient can rely upon the fact that the document has not been altered since signing and provides a seemingly iron-clad layer of protection against forgery. Digital signing solutions using PKI ultimately provide a digital timestamp that protects against tampering. This timestamp means that any attempt to alter the signature would be rendered not secure and not at the time of the original signature. In fact, in many regions, such as the European region, the presence of an eSeal provides proof of an org signing and meets regulatory requirements.
Beyond a high level of security, another key benefit of using a digital signature service is that someone easily create signed documents meeting the highest standards for legal validity. While the law may recognize simple “clickthru” signatures, typically significant evidence must be provided to prove the legality of the signature. This legal proof is significantly reduced for Advanced (baseline for legally valid electronic signatures) or Qualified (highest legal backing for digital signatures) digital signatures from a certified or accredited provider.
As the digital transformation movement continues to pick up steam, certain concerns have arisen for some businesses. For example, businesses are looking for signing providers who can efficiently “onboard” their remote employees and customers using tools for online identity verification. This is an area which has seen much evolution in the U.S. and is now the subject of intense standards and accreditation development such as Europe’s new ETSI TS 119 461 standards for identity proofing.For multinational organizations, who wish their signatures to be recognize in multiple legal jurisdictions, the compliance issues surrounding identity verification are paramount.
Even before the pandemic, remote work was increasing in importance, and with the rise in the virtual office also came the escalating popularity of digital signatures. As we move forward, it is imperative for companies and institutions alike to find a certified digital signature provider that provides a secure PKI solution that scales for simple use across the business. From cutting costs to saving time to improving security, there are a slew of reasons why an organization would look to shift from manual to digital signatures. And ultimately, as digital signatures become more and more popular, it will be critical to keep security and compliance at top of mind when finding the right digital signature solution.
Stephen Davidson is a Senior Manager in DigiCert’s global Governance, Risk and Compliance team with a focus on standards and accreditations related to our European Qualified Trust Service Provider and digital signature-related businesses. He co-founded QuoVadis, which became part of DigiCert in early 2019. Active in the CA/Browser Forum since 2006, he is Chair of S/MIME Certificate Working Group, writing the first baseline requirements for email signing and encryption certificates.